package com.atguigu.chapter08;

import com.atguigu.bean.AdsClickLog;
import com.atguigu.bean.LoginEvent;
import com.atguigu.util.AnqclnUtil;
import org.apache.flink.api.common.state.ReducingState;
import org.apache.flink.api.common.state.ReducingStateDescriptor;
import org.apache.flink.api.common.state.ValueState;
import org.apache.flink.api.common.state.ValueStateDescriptor;
import org.apache.flink.configuration.Configuration;
import org.apache.flink.streaming.api.datastream.SingleOutputStreamOperator;
import org.apache.flink.streaming.api.environment.StreamExecutionEnvironment;
import org.apache.flink.streaming.api.functions.KeyedProcessFunction;
import org.apache.flink.streaming.api.functions.windowing.ProcessWindowFunction;
import org.apache.flink.streaming.api.windowing.windows.GlobalWindow;
import org.apache.flink.util.Collector;
import org.apache.flink.util.OutputTag;

import java.util.List;

/**
 * Author: Pepsi
 * Date: 2023/8/14
 * Desc:
 */


/*
*
* 用户恶意登录
*   这个案例对于恶意的定义是：2秒内连续登录失败就是恶意登录
*
* */


public class Flink07_Project_High_illegalLogin {
    public static void main(String[] args) {
        Configuration conf = new Configuration();
        conf.setInteger("rest.port", 1000);
        StreamExecutionEnvironment env = StreamExecutionEnvironment.getExecutionEnvironment(conf);
        env.setParallelism(1);

        env
                .readTextFile("input/LoginLog.csv")
                .map(line -> {
                    String[] data = line.split(",");
                    return new LoginEvent(
                            Long.valueOf(data[0]),
                            data[1],
                            data[2],
                            Long.parseLong(data[3]) * 1000
                    );
                })
                // 先以用户id分组，
                .keyBy(LoginEvent::getUserId)
                // 然后开一个个数窗口，窗口2个元素，步长1
                .countWindow(2,1)
                .process(new ProcessWindowFunction<LoginEvent, String, Long, GlobalWindow>() {
                    @Override
                    public void process(Long aLong,
                                        Context context,
                                        Iterable<LoginEvent> elements,
                                        Collector<String> out) throws Exception {
                        // 将两个元素转成list
                        List<LoginEvent> loginEventList = AnqclnUtil.toList(elements);
                        // 判断是否是两个元素，如果是两个元素才进行处理
                        if (loginEventList.size() == 2) {
                            // 取出两个事件
                            LoginEvent event1 = loginEventList.get(0);
                            LoginEvent event2 = loginEventList.get(1);

                            // 取出事件类型
                            String type1 = event1.getEventType();
                            String type2 = event2.getEventType();
                            // 取出事件的时间戳
                            Long time1 = event1.getEventTime();
                            Long time2 = event2.getEventTime();
                            // 判断 两个事件的类型是否都是失败的，并且时间间隔小于2s
                            if ("fail".equals(type1) && "fail".equals(type2) && Math.abs(time1-time2) <=2000) {
                                // 输出恶意登录
                                out.collect(aLong+" 正在恶意登录...");
                            }
                        }
                    }
                })
                .print();


        try {
            env.execute();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
